<?php
/**
 * @description:
 * @author     : Geomen
 * @time       : 2019/1/30 18:12
 */


namespace App\Http\Middleware;


use App\Components\Helper;
use Closure;
use Illuminate\Http\Request;

class Permission
{
    public function handle(Request $request, Closure $next)
    {
        if (!$request->user()->can('isGod')) { //没有所有权限
            $path = Helper::formatUrl($request->path());
            if ($request->user()->id != 1 && !$request->user()->can($path)) { //不是超级管理员并且没有访问权限
                if ($request->isMethod('get')){
                    abort(401,'没有权限');
                }
                return response(['state' => 'fail', 'message' => '没有权限']);
            }
        }
        return $next($request);
    }
}